×

DATABASE DECEPTION IN DIRECTORY SERVICES

  • US 20170171244A1
  • Filed: 12/10/2015
  • Published: 06/15/2017
  • Est. Priority Date: 12/10/2015
  • Status: Active Grant
First Claim
Patent Images

1. A method for detecting unauthorized access of a network environment, the method comprising:

  • instantiating, by a security computer system, at least one first network service and executing the at least one first network service on the security computer system;

    transmitting, by the security system, at least one first credential effective to authorize use of the first network service to a central server implementing an active directory service for a plurality of second network services implemented by one or more network servers in data communication with central server;

    storing, by the central server, the one or more first credentials in a repository storing second credentials effective to authorize access to the plurality of second network services;

    authenticating, by the central server, a first user;

    determining, by the centrals server, that one of the second credentials authorizes the first user to access one of the second network services;

    in response to determining that the one of the second credentials authorizes the first user to access the one of the second network services, instructing the one of the second network services to allow access by the first user;

    authorizing, by the centrals server, a second user to access the at least one first network service using the at least one first credential;

    in response to accessing of the at least one first network service by the second user, performing, by the security computer system 

    permitting access to the at least one first network service;

    outputting an alert indicating that unauthorized access of the central server has occurred.

View all claims
  • 3 Assignments
Timeline View
Assignment View
    ×
    ×